Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D0AA0A66C1C02D2F0667BDF6DAFDD67C2A813FEFBED6D0F463951A042884077C/0/34352e3137392e3136352e302f32342d3234203d3e20323639373330.roa
File:                     34352e3137392e3136352e302f32342d3234203d3e20323639373330.roa (raw, json)
Hash identifier:          JGWe5jmMEySSl0LiiUnDk2o3lhxVti1GjGq4jVi0bJU=
Subject key identifier:   E0:DE:F4:B3:23:82:AD:BD:45:F4:75:30:90:2A:67:35:6A:E4:28:65
Certificate issuer:       /CN=71D885ED6F4642A4A627D17FCC92858FF0032B31
Certificate serial:       7E1165101D726BE33740CDDD1E7C3D3E909206A1
Authority key identifier: 71:D8:85:ED:6F:46:42:A4:A6:27:D1:7F:CC:92:85:8F:F0:03:2B:31
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/71D885ED6F4642A4A627D17FCC92858FF0032B31.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D0AA0A66C1C02D2F0667BDF6DAFDD67C2A813FEFBED6D0F463951A042884077C/0/34352e3137392e3136352e302f32342d3234203d3e20323639373330.roa
Signing time:             Tue 05 Mar 2024 17:54:04 +0000
ROA not before:           Tue 05 Mar 2024 17:49:04 +0000
ROA not after:            Tue 04 Mar 2025 17:54:04 +0000
asID:                     269730
IP address blocks:        45.179.165.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:11:65:10:1d:72:6b:e3:37:40:cd:dd:1e:7c:3d:3e:90:92:06:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71D885ED6F4642A4A627D17FCC92858FF0032B31
        Validity
            Not Before: Mar  5 17:49:04 2024 GMT
            Not After : Mar  4 17:54:04 2025 GMT
        Subject: CN=E0DEF4B32382ADBD45F47530902A67356AE42865
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:58:bc:cf:51:a5:9a:e1:8f:a0:16:d7:a2:b7:
                    28:69:28:ab:0e:41:01:cf:b9:d4:8d:81:78:a6:ec:
                    c0:b1:e4:a0:73:1c:31:02:c4:ed:05:b6:76:8c:a0:
                    91:66:74:d3:d3:48:60:7f:03:a0:1a:69:9b:7f:6b:
                    2c:1d:d1:cf:16:ab:9d:63:25:fa:29:50:dc:97:b2:
                    95:b8:5a:e6:d0:ae:a4:74:49:9e:2d:2a:b6:ec:ee:
                    31:0a:15:56:33:47:5a:a4:29:d4:3e:a8:23:44:1e:
                    c0:6f:8b:49:6e:2a:ea:7f:70:a7:87:f4:b4:9a:89:
                    52:ff:63:cd:a9:34:24:ea:25:02:fe:1f:80:64:39:
                    11:be:c4:bd:04:b4:fd:49:b7:42:5b:30:92:81:6b:
                    5e:a2:79:ae:d5:23:21:cf:82:f3:e3:e1:89:e1:e9:
                    13:ea:37:cc:a4:9b:cc:24:bd:a1:a8:56:8f:c9:cb:
                    e6:0d:e0:0c:b9:73:7c:71:f8:4b:b2:d3:8f:33:bb:
                    19:74:a3:10:55:f9:e9:a9:2e:e2:8b:7f:15:7f:7e:
                    8d:16:0c:ee:3c:17:f4:cc:07:94:ae:ba:5a:6a:af:
                    ee:ed:92:7c:5c:0f:59:04:4b:de:db:0f:31:6b:3d:
                    e5:17:33:bb:bd:73:85:46:6f:91:4a:1a:1a:55:a7:
                    c8:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:DE:F4:B3:23:82:AD:BD:45:F4:75:30:90:2A:67:35:6A:E4:28:65
            X509v3 Authority Key Identifier:
                keyid:71:D8:85:ED:6F:46:42:A4:A6:27:D1:7F:CC:92:85:8F:F0:03:2B:31

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D0AA0A66C1C02D2F0667BDF6DAFDD67C2A813FEFBED6D0F463951A042884077C/0/71D885ED6F4642A4A627D17FCC92858FF0032B31.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/71D885ED6F4642A4A627D17FCC92858FF0032B31.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D0AA0A66C1C02D2F0667BDF6DAFDD67C2A813FEFBED6D0F463951A042884077C/0/34352e3137392e3136352e302f32342d3234203d3e20323639373330.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.179.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:0a:12:dc:5a:c9:24:7f:05:ed:71:25:4b:bb:74:3d:e9:87:
         f1:44:ef:24:1f:45:cd:5e:1e:b5:41:df:48:08:21:ab:55:e5:
         61:55:a9:5a:a3:37:13:2c:33:f6:62:5a:d0:18:7e:19:7d:b3:
         dd:e2:03:a0:fc:e4:60:81:47:64:18:f7:3f:bf:cc:03:87:5d:
         9b:12:14:84:95:b3:3e:75:30:8d:3a:df:1c:78:f3:6b:7f:1b:
         41:38:6e:48:99:aa:3f:e6:ec:4c:b5:8a:50:1f:9c:27:6b:a3:
         11:7e:91:ef:78:0b:a7:ff:01:e2:16:c0:54:79:e9:ea:d8:1c:
         04:d7:e2:d4:58:30:d2:4f:31:8c:3c:f2:bd:c8:65:9c:cf:e6:
         ef:ea:14:33:b4:9d:2f:74:80:42:a6:57:69:3c:be:0f:80:ad:
         bc:48:2d:40:6c:64:27:95:18:23:18:f9:82:26:cd:d2:af:28:
         20:ca:bd:51:55:cc:b3:20:96:cb:7e:23:45:c0:ac:41:e4:3c:
         34:3f:f9:41:3d:59:a5:6c:6f:0b:a1:a7:3b:36:a1:63:47:54:
         29:e7:bd:43:e3:aa:b0:54:a5:48:81:dd:1b:a1:ac:9f:5d:c0:
         de:78:9e:7f:2e:60:c5:a6:20:26:2d:1a:34:2e:ce:fd:d7:f9:
         b5:34:82:c5
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUfhFlEB1ya+M3QM3dHnw9PpCSBqEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzFEODg1RUQ2RjQ2NDJBNEE2MjdEMTdGQ0M5Mjg1OEZG
MDAzMkIzMTAeFw0yNDAzMDUxNzQ5MDRaFw0yNTAzMDQxNzU0MDRaMDMxMTAvBgNV
BAMTKEUwREVGNEIzMjM4MkFEQkQ0NUY0NzUzMDkwMkE2NzM1NkFFNDI4NjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/WLzPUaWa4Y+gFteityhpKKsO
QQHPudSNgXim7MCx5KBzHDECxO0FtnaMoJFmdNPTSGB/A6AaaZt/aywd0c8Wq51j
JfopUNyXspW4WubQrqR0SZ4tKrbs7jEKFVYzR1qkKdQ+qCNEHsBvi0luKup/cKeH
9LSaiVL/Y82pNCTqJQL+H4BkORG+xL0EtP1Jt0JbMJKBa16iea7VIyHPgvPj4Ynh
6RPqN8ykm8wkvaGoVo/Jy+YN4Ay5c3xx+Euy048zuxl0oxBV+empLuKLfxV/fo0W
DO48F/TMB5Suulpqr+7tknxcD1kES97bDzFrPeUXM7u9c4VGb5FKGhpVp8ipAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU4N70syOCrb1F9HUwkCpnNWrkKGUwHwYDVR0j
BBgwFoAUcdiF7W9GQqSmJ9F/zJKFj/ADKzEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EMEFBMEE2NkMxQzAyRDJGMDY2N0JERjZEQUZERDY3QzJB
ODEzRkVGQkVENkQwRjQ2Mzk1MUEwNDI4ODQwNzdDLzAvNzFEODg1RUQ2RjQ2NDJB
NEE2MjdEMTdGQ0M5Mjg1OEZGMDAzMkIzMS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83MUQ4ODVFRDZGNDY0MkE0QTYy
N0QxN0ZDQzkyODU4RkYwMDMyQjMxLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDBBQTBBNjZDMUMwMkQyRjA2NjdCREY2REFGREQ2N0MyQTgxM0ZFRkJF
RDZEMEY0NjM5NTFBMDQyODg0MDc3Qy8wLzM0MzUyZTMxMzczOTJlMzEzNjM1MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM5MzczMzMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALbOl
MA0GCSqGSIb3DQEBCwUAA4IBAQBVChLcWskkfwXtcSVLu3Q96YfxRO8kH0XNXh61
Qd9ICCGrVeVhValaozcTLDP2YlrQGH4ZfbPd4gOg/ORggUdkGPc/v8wDh12bEhSE
lbM+dTCNOt8cePNrfxtBOG5Imao/5uxMtYpQH5wna6MRfpHveAun/wHiFsBUeenq
2BwE1+LUWDDSTzGMPPK9yGWcz+bv6hQztJ0vdIBCpldpPL4PgK28SC1AbGQnlRgj
GPmCJs3Sryggyr1RVcyzIJbLfiNFwKxB5Dw0P/lBPVmlbG8Loac7NqFjR1Qp571D
46qwVKVIgd0boayfXcDeeJ5/LmDFpiAmLRo0Ls791/m1NILF
-----END CERTIFICATE-----